[CentOS] CentOS 5.3 samba: getent does not return data from the active directory (ads)

Tue Apr 7 22:25:08 UTC 2009
JohnS <jses27 at gmail.com>

On Tue, 2009-04-07 at 16:53 -0500, Jason Ellison wrote:
> On Tue, Apr 7, 2009 at 4:03 PM, JohnS <jses27 at gmail.com> wrote:
> >
> > On Tue, 2009-04-07 at 15:33 -0500, Jason Ellison wrote:
> >> CentOS 5.3 getent does not return data from the active directory (ads)
> >>
> >>   I have installed and configured kerberos and samba so that the
> >> server can be a member of an existing Active Directory (AD).  Correct
> >> configuration of kerbos was verified using kinit and klist.  The samba
> >> configuration was verified by using "smbclient -k -L server".  winbind
> >> was verified by using "wbinfo -g".  The problem seems to be nsswitch
> >> accessing winbindd to get group information via the "getent group"
> >> command.  I added winbind to the /etc/nsswitch.conf file like so:
> >>
> >> [root at nagios ~]# grep winbind /etc/nsswitch.conf
> >> passwd:     files winbind
> >> shadow:     files winbind
> >> group:      files winbind
> > ---
> > Try "hosts: files dns wins"
> > "hosts: files winbind"
> > You realy don't say if your authenticating what and where @. But I do
> > know you did not list "the hosts:" line in nsswitch. One of those should
> > do it. getent group_name will never work with out changing it.
> 
> JohnS,
> 
>   getent is used to get entries from the administrative databases, not
> particular items.  it is my understanding that "getent group_name"
> would never work.  i feel really in the dark here, could you please
> explain how getent works on your system?  is yours modified?
> 
> -Jason Ellison
---
Used to enumerate groups and names and it works the same as does on
yours. I think you misunderstood what I said. getent want make samba
work against ad if that is what your refering to. I was refering to the
nsswitch lines. But they appear to be correct. I should have said so.